A Logical Approach to Model a Multilevel Object Oriented Database

  • Frédéric Cuppens
  • Alban Gabillon
Chapter
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT)

Abstract

In the context of OODB (Object-Oriented DataBases), several multilevel security models appeared in the literature. In this paper, we are mainly interested in the MultiView model [BCCGY93, BCCGY94a]. Our first objective is not to propose a new security model but rather to present the MultiView model in a formal way. Another objective is to extend the MultiView model to include new security functionalities, in particular the protection of the database schema. Our approach can be sum up as follows. We propose a language based on first-order logic to represent an OODB content and specify integrity constraints which must be enforced in an OODB. A first security model called Single-View is then defined. In this security model, every atomic formula of the language used to represent the OODB is a piece of information we may associate with a classification level. We also derive general theorems which must be enforced when classifying each piece of information. Finally, we show how to refine the Single-View model to obtain the MultiView model. We give a sketch of implementation of the MultiView model.

Keywords

Security and Protection Database Management General Mathematical Logic 

Keyword Codes

D.4.6 F.4.1 H.2.0 
This is a preview of subscription content, log in to check access.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. [AJJ92]
    P. Ammann, F. Jaeckle, and S. Jajodia. A Two Snapshot Algorithm for Concurrency Control in Multi-Level Secure Databases. In IEEE Symposium on Security and Privacy, Oakland, 1992.Google Scholar
  2. [BCCGY93]
    N. Boulahia-Cuppens, F. Cuppens, A. Gabillon, and K. Yazdanian. Multi-View Model for Multilevel Object Oriented Databases. In Ninth Annual Computer Security Applications Conference, Orlando, Florida, 1993.Google Scholar
  3. [BCCGY94a]
    N. Boulahia-Cuppens, F. Cuppens, A. Gabillon, and K. Yazdanian. Decomposition of Multilevel Objects in an Object-Oriented Database. In European symposium on research in computer security Brighton, UK, 1994. Springer Verlag.Google Scholar
  4. [BCCGY94b]
    N. Boulahia-Cuppens, F. Cuppens, A. Gabillon, and K. Yazdanian. Virtual View Model to Design a Secure Object-Oriented Database. In Proceedings of the 17th National Computer Security Conference, Baltimore, USA, 1994.Google Scholar
  5. [BJ93]
    E. Bertino and S. Jajodia. Modeling Multilevel Entities Using Single-level Objects. In Proceedings of the Third Conference on Deductive and Object-Oriented Databases volume 760 of Lecture Notes in Artificial Intelligence. Springer Verlag, 1993.Google Scholar
  6. [BMJ94]
    E. Bertino, L. Mancini, and S. Jajodia. Collecting Garbage in Multilevel Secure Object Stores. In IEEE Symposium on Security and Privacy, Oakland, 1994.Google Scholar
  7. [CC95]
    L. Cholvy and F. Cuppens. Providing Consistent Views in a Polyinstantiated Database. In J. Biskup, M. Morgenstern, and C. Landwehr, editors, Database Security, 8: Status and Prospects. North-Holland, 1995. Results of the IFIP WG 11.3 Workshop on Database Security.Google Scholar
  8. [CD89]
    F. Cuppens and R. Demolombe. How to recognize topics to provide cooperative answering. Information Systems, 14 (2), 1989.Google Scholar
  9. [Gab95]
    A. Gabillon. Sécurité Multi-Niveaux dans les Bases de Données à Objets. Thèse de Doctorat. ENSAE, 1995.Google Scholar
  10. [HOT91]
    J. T. Haigh, R. C. O’Brien, and D. J. Thomsen. The LDV Secure Relational DBMS Model. In Database Security, IV: Status and Prospects. North-Holland, 1991. Results of the IFIP WG 11.3 Workshop on Database Security.Google Scholar
  11. [JK90]
    S. Jajodia and B. Kogan. Integrating an Object-Oriented Data Model with Multi-Level Security. In IEEE Symposium on Security and Privacy, Oakland, 1990.Google Scholar
  12. [KT90a]
    T. Keefe and W. Tsai. Multiversion Concurrency Control for Multilevel Secure Database Systems. In IEEE Symposium on Security and Privacy, Oakland, 1990.Google Scholar
  13. [KT90b]
    T. Keefe and W. Tsai. Prototyping the SODA Security Model. In Database Security, 3: Status and Prospects. North-Holland, 1990. Results of the IFIP WG 11.3 Workshop on Database Security.Google Scholar
  14. [KTT89]
    T. Keefe, W. Tsai, and M. Thuraisingham. SODA: A Secure Object-Oriented Database System. Computer and Security, 8 (6), 1989.Google Scholar
  15. [Lun90]
    T. F. Lunt. Multilevel Security for Object-Oriented Database Systems. In D. L. Spooner and C. Landwehr, editors, Database Security, III: Status and Prospects. North-Holland, 1990. Results of the IFIP WG 11.3 Workshop on Database Security.Google Scholar
  16. [Lun91]
    T. F. Lunt. Polyinstantiation: an inevitable part of a multilevel world. In Proc. of the computer security foundations workshop, Franconia, 1991.Google Scholar
  17. [MJ93]
    J. McDermott and S. Jajodia. Orange Locking: Channel-Free Database Concurrency Control Via Locking. In Database Security, 6: Status and Prospects. North-Holland, 1993. Results of the IFIP WG 11.3 Workshop on Database Security.Google Scholar
  18. [ML92]
    J. K. Millen and T. F. Lunt. Security for Object-Oriented Database Systems. In IEEE Symposium on Security and Privacy, Oakland, 1992.Google Scholar
  19. [MQ93]
    J. Meseguer and X. Qian. A Logical Semantics for Object-Oriented Databases. In ACM SIGMOD, Washington D.C, 1993.CrossRefGoogle Scholar
  20. [OS94]
    M. S. Olivier and S. H. Von Solms. A Taxonomy for Secure Object-Oriented Databases. ACM Tansactions on Database Systems, 19 (1), March 1994.Google Scholar
  21. [SJ92]
    R. Sandhu and S. Jajodia. Polyinstantiation for cover stories. In European symposium on research in computer security, Toulouse, France, 1992. Springer Verlag.Google Scholar
  22. [SMKL95]
    M. Schaefer, P. Martel, T. Kanawan, and V. Lyons. Multilevel Data Model for the Trusted ONTOS Prototype. In Ninth Annual IFIP WG 11.3 Working Conference on Database Security, Rensselaerville, USA, 1995.Google Scholar
  23. [Wie91]
    R. J. Wieringa. A Formalization of Objects Using Equational Dynamic Logic. In C. Delobel, M. Keifer, and Y. Masunaga, editors, Second International Conference DOOD’91, volume 566 of Lecture Notes in Computer Science, Munich, Germany, 1991. Springer-Verlag.Google Scholar

Copyright information

© IFIP International Federation for Information Processing 1997

Authors and Affiliations

  • Frédéric Cuppens
    • 1
  • Alban Gabillon
    • 2
  1. 1.ONERA-CERTToulouse CedexFrance
  2. 2.Computer Engineering DepartmentEastern Mediterranean UniversityFamagousteTurkey

Personalised recommendations